VIRY.CZ

Zdravim,

jedna se o pokracovani z tohoto tematu.

Mel sem zavirovany notebook, ktery se mi diky zdejsi pomoci podarilo uspesne odvirovat, zjistil jsem ale, ze i druhy notebook je zavirovany podobnym zpusobem (pravdepodobne stejnou haveti). Predchozi problem byl o dost zavaznejsi, s ntb se nedalo vubec pracovat, zde muzu delat vice mene vse, pouze je system o neco pomalejsi a nejde mi odinstalovat rozsireni "save on!" ktere se dokola samo instaluje. Nize posilam log.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Ryan CZ (administrator) on RYANCZ-HP on 03-07-2014 18:21:08
Running from C:\Users\Ryan CZ\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Flux Software LLC) C:\Users\Ryan CZ\AppData\Local\FluxSoftware\Flux\flux.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-28] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-05-25] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-06-14] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-01] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-24] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [Google Update] => "C:\Users\Ryan CZ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [F.lux] => C:\Users\Ryan CZ\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\MountPoints2: {0eace862-76bb-11e1-8190-402cf42498c1} - F:\Axesstel_Setup.exe
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\MountPoints2: {cd34f000-4f73-11e2-a92e-402cf42498c1} - F:\PlayDiskStart.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Ryan CZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchT ... d=ie7&rlz=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
SearchScopes: HKLM - {626E621E-2F4B-42BE-8818-CE2EFD1CF066} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {626E621E-2F4B-42BE-8818-CE2EFD1CF066} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKCU - {626E621E-2F4B-42BE-8818-CE2EFD1CF066} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{640D0E14-2141-473A-ABE0-39438C925A54}: [NameServer]160.218.161.60 160.218.167.5

FireFox:
========
FF ProfilePath: C:\Users\Ryan CZ\AppData\Roaming\Mozilla\Firefox\Profiles\2ikpfvv2.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: http://www.google.com
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ryan CZ\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ryan CZ\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: saAve ON - C:\Users\Ryan CZ\AppData\Roaming\Mozilla\Firefox\Profiles\2ikpfvv2.default\Extensions\mf8qwct@ooyaih.org [2014-06-20]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2012-11-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-20]

Chrome:
=======
CHR HomePage: http://www.google.com
CHR StartupUrls: "www.google.com"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File
CHR Plugin: (Simple Pass 2011) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\npwebsitelogon.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Ryan CZ\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-25]
CHR Extension: (avast! Online Security) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-20]
CHR Extension: (Peněženka Google) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-15]
CHR Extension: (saAve ON) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm [2014-06-20]
CHR Extension: (Gmail) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-25]
CHR Extension: (saAve ON) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm\2.14 [2014-06-20]
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-20]
CHR StartMenuInternet: Google Chrome - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-20] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2013-05-28] (Realsil Microelectronics Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-20] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-20] ()
S3 Axtmvflt; C:\Windows\System32\DRIVERS\Axtmvflt.sys [6144 2007-03-26] (Axesstel)
S3 Axtmvmdm; C:\Windows\System32\DRIVERS\Axtmvmdm.sys [54272 2007-03-26] (Axesstel)
S3 Axtmvprt; C:\Windows\System32\Drivers\Axtmvprt.sys [52224 2007-03-26] (Axesstel)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-26] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S3 rwoebgac; rwoebgac.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-03 18:21 - 2014-07-03 18:21 - 00024031 _____ () C:\Users\Ryan CZ\Desktop\FRST.txt
2014-07-03 18:20 - 2014-07-03 18:21 - 00000000 ____D () C:\FRST
2014-07-03 18:19 - 2014-07-03 18:19 - 02083840 _____ (Farbar) C:\Users\Ryan CZ\Desktop\FRST64.exe
2014-07-01 21:21 - 2014-07-02 13:55 - 00000364 _____ () C:\Windows\Tasks\HPCeeScheduleForRyan CZ.job
2014-07-01 21:21 - 2014-07-01 21:21 - 00003234 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRyan CZ
2014-06-21 02:41 - 2014-06-21 03:25 - 00000000 ____D () C:\Users\Ryan CZ\Desktop\Untitled
2014-06-21 02:24 - 2014-06-21 02:24 - 00000000 ____D () C:\Users\Ryan CZ\Documents\Camtasia Studio
2014-06-21 01:58 - 2014-06-21 02:38 - 1725547776 _____ () C:\Users\Ryan CZ\Desktop\capture-1.camrec
2014-06-21 00:27 - 2014-06-21 00:28 - 00000000 ____D () C:\AdwCleaner
2014-06-21 00:27 - 2014-06-21 00:27 - 00000137 _____ () C:\Users\Ryan CZ\Desktop\erger.txt
2014-06-21 00:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-21 00:26 - 2014-06-21 00:26 - 01333465 _____ () C:\Users\Ryan CZ\Desktop\adwcleaner_3.212.exe
2014-06-20 23:39 - 2014-07-01 21:00 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-20 23:39 - 2014-07-01 21:00 - 00000000 ____D () C:\Users\Guest
2014-06-20 23:39 - 2014-07-01 21:00 - 00000000 ____D () C:\Users\Administrator
2014-06-20 23:39 - 2014-06-21 00:29 - 00000000 ____D () C:\ProgramData\Save! on
2014-06-20 23:39 - 2014-06-20 23:41 - 00000000 ____D () C:\ProgramData\1436c0765de790cd
2014-06-20 23:39 - 2014-06-20 23:39 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\postgres\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\postgres\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Program Files (x86)\Save! on
2014-06-20 23:38 - 2014-06-20 23:38 - 00000000 ____D () C:\ProgramData\InstallMate
2014-06-20 22:52 - 2014-06-20 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-06-20 22:13 - 2014-06-20 22:13 - 00002536 _____ () C:\Users\Ryan CZ\Desktop\Google Chrome.lnk
2014-06-20 17:09 - 2014-06-20 17:13 - 00000000 ____D () C:\Program Files (x86)\Scorpions WinCheater
2014-06-20 17:09 - 2014-06-20 17:09 - 00001103 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scorpion's WinCheater 2.lnk
2014-06-20 17:09 - 2014-06-20 17:09 - 00001091 _____ () C:\Users\postgres\Desktop\Scorpion's WinCheater 2.lnk
2014-06-20 17:09 - 2014-06-20 17:09 - 00001091 _____ () C:\Users\Ryan CZ\Desktop\Scorpion's WinCheater 2.lnk
2014-06-20 17:08 - 2014-06-20 17:09 - 01845717 _____ () C:\Users\Ryan CZ\Downloads\Vtipy.exe
2014-06-20 17:08 - 2014-06-20 17:08 - 00384140 _____ () C:\Users\Ryan CZ\Downloads\Easter_Eggy.exe
2014-06-20 12:11 - 2014-06-20 12:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-20 09:58 - 2014-06-20 09:58 - 00266288 _____ () C:\Windows\Minidump\062014-89747-01.dmp
2014-06-20 09:42 - 2014-06-20 21:57 - 00002068 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-06-20 09:42 - 2014-06-20 21:57 - 00002068 _____ () C:\ProgramData\Desktop\avast! SafeZone.lnk
2014-06-20 09:42 - 2014-06-20 21:57 - 00002008 _____ () C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
2014-06-20 09:42 - 2014-06-20 21:57 - 00002008 _____ () C:\ProgramData\Desktop\avast! Pro Antivirus.lnk
2014-06-20 09:42 - 2014-06-20 09:42 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\AVAST Software
2014-06-20 09:42 - 2014-06-20 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-20 09:41 - 2014-07-03 12:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-20 09:41 - 2014-06-20 09:41 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1403250108091
2014-06-20 09:41 - 2014-06-20 09:41 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1403250108091
2014-06-20 09:41 - 2014-06-20 09:41 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-20 09:41 - 2014-06-20 09:41 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-20 09:30 - 2014-06-20 09:57 - 833508569 _____ () C:\Windows\MEMORY.DMP
2014-06-20 09:30 - 2014-06-20 09:30 - 00262144 _____ () C:\Windows\Minidump\062014-45162-01.dmp
2014-06-20 09:27 - 2014-06-20 09:27 - 00000000 __SHD () C:\Users\Ryan CZ\AppData\Local\EmieUserList
2014-06-20 09:27 - 2014-06-20 09:27 - 00000000 __SHD () C:\Users\Ryan CZ\AppData\Local\EmieSiteList
2014-06-20 09:01 - 2014-06-20 09:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-20 01:25 - 2014-06-21 03:09 - 01560276 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-19 22:54 - 2014-06-19 22:54 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Local\SmartTechnology
2014-06-19 22:52 - 2014-06-19 22:52 - 00000000 ____D () C:\ProgramData\SmartTechnology
2014-06-19 22:52 - 2014-06-19 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
2014-06-19 22:51 - 2014-06-19 22:51 - 00000000 ____D () C:\Program Files\SmartTechnology
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2014-06-19 22:34 - 2014-06-19 22:35 - 00000000 ____D () C:\Program Files (x86)\GameSpy Arcade
2014-06-19 22:34 - 2014-06-19 22:34 - 00002053 _____ () C:\Users\Public\Desktop\Tony Hawks Pro Skater 4.lnk
2014-06-19 22:34 - 2014-06-19 22:34 - 00002053 _____ () C:\ProgramData\Desktop\Tony Hawks Pro Skater 4.lnk
2014-06-19 22:34 - 2014-06-19 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspyr
2014-06-19 22:31 - 2014-06-19 22:31 - 00000000 ____D () C:\Program Files (x86)\Aspyr
2014-06-19 22:28 - 2009-09-01 11:06 - 717127680 _____ () C:\Users\Ryan CZ\Desktop\Tony Hawks Pro Skater 4 CD2.iso
2014-06-19 22:03 - 2014-06-19 22:03 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\WildTangent
2014-06-19 22:03 - 2014-06-19 22:03 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-19 15:56 - 2014-07-03 14:58 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\vlc
2014-06-19 15:56 - 2014-06-19 15:56 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-19 15:56 - 2014-06-19 15:56 - 00001066 _____ () C:\ProgramData\Desktop\VLC media player.lnk
2014-06-19 15:56 - 2014-06-19 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-19 15:56 - 2014-06-19 15:56 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-19 15:12 - 2014-06-19 15:13 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\GetRightToGo
2014-06-19 14:15 - 2014-05-09 16:13 - 00139868 _____ () C:\Users\Ryan CZ\Desktop\keepas.kdb
2014-06-19 13:32 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-19 13:32 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-19 13:32 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-19 13:32 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-19 13:32 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-19 13:32 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-19 13:32 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-19 13:32 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-19 13:32 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-19 13:32 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-19 13:32 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-19 13:32 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-19 13:32 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-19 13:32 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-19 13:31 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 13:31 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 13:31 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 13:31 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 13:31 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 13:31 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 13:31 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 13:31 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 13:31 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 13:31 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 13:31 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 13:31 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 13:31 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 13:31 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 13:31 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 13:31 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 13:31 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 13:31 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 13:31 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 13:31 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 13:31 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 13:31 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 13:31 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 13:31 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 13:31 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 13:31 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 13:31 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 13:31 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 13:31 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 13:31 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 13:31 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 13:31 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 13:31 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 13:31 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 13:31 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 13:31 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 13:31 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 13:31 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 13:31 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 13:31 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 13:31 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 13:31 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 13:31 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 13:31 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 13:31 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 13:31 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 13:31 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 13:31 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 13:31 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 13:31 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 13:31 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 13:31 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-19 13:30 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-19 13:30 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-19 13:29 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-19 13:29 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-19 13:29 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-06-19 13:29 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-06-19 13:29 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-19 13:29 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-19 13:29 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-06-19 13:28 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-19 13:28 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-19 13:28 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-19 13:28 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-19 13:28 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-06-19 13:28 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-06-19 13:28 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-19 13:28 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-19 13:28 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-19 13:28 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-06-19 13:28 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-19 13:28 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-19 13:28 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-19 13:28 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-19 13:28 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-19 13:28 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-06-19 13:28 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-19 13:28 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-06-19 13:28 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-19 13:28 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-19 13:27 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-19 13:27 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-19 13:27 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-19 13:27 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-19 13:27 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-19 13:27 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-19 13:27 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-19 13:27 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-19 13:27 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-19 13:27 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-19 13:27 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-19 13:27 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-19 13:27 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-19 13:27 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-19 13:27 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-19 13:27 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-19 13:17 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-19 13:17 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-19 13:17 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-19 13:17 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-06-19 13:17 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-06-19 13:17 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-19 13:17 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-19 13:17 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-19 13:17 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-19 13:16 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-19 13:16 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-06-19 13:16 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-06-19 13:16 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-06-19 13:16 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-06-19 13:16 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-06-19 13:16 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-19 13:16 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-06-19 13:16 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-06-19 13:16 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-06-19 13:16 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-06-19 13:16 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-19 13:16 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-06-19 13:16 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-19 13:16 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-07-03 18:21 - 2014-07-03 18:21 - 00024031 _____ () C:\Users\Ryan CZ\Desktop\FRST.txt
2014-07-03 18:21 - 2014-07-03 18:20 - 00000000 ____D () C:\FRST
2014-07-03 18:19 - 2014-07-03 18:19 - 02083840 _____ (Farbar) C:\Users\Ryan CZ\Desktop\FRST64.exe
2014-07-03 18:18 - 2012-04-05 17:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-03 18:18 - 2012-03-25 22:45 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1344483680-600186237-1861027464-1001UA.job
2014-07-03 18:18 - 2011-12-11 10:03 - 01882323 _____ () C:\Windows\WindowsUpdate.log
2014-07-03 14:58 - 2014-06-19 15:56 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\vlc
2014-07-03 12:49 - 2012-03-25 17:32 - 00004030 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9A3D76F4-52AF-45F4-9B74-F91E08D2F952}
2014-07-03 12:48 - 2014-06-20 09:41 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-03 12:48 - 2012-03-25 22:45 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1344483680-600186237-1861027464-1001Core.job
2014-07-02 14:03 - 2011-09-04 12:18 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2014-07-02 14:03 - 2011-09-04 12:18 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2014-07-02 14:03 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 14:03 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 14:03 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 13:55 - 2014-07-01 21:21 - 00000364 _____ () C:\Windows\Tasks\HPCeeScheduleForRyan CZ.job
2014-07-02 13:55 - 2012-05-25 00:49 - 00086143 _____ () C:\Windows\setupact.log
2014-07-02 13:55 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 21:21 - 2014-07-01 21:21 - 00003234 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRyan CZ
2014-07-01 21:21 - 2012-03-27 19:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-01 21:19 - 2012-05-01 14:40 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-01 21:00 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-01 21:00 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Guest
2014-07-01 21:00 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Administrator
2014-06-21 03:25 - 2014-06-21 02:41 - 00000000 ____D () C:\Users\Ryan CZ\Desktop\Untitled
2014-06-21 03:09 - 2014-06-20 01:25 - 01560276 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-21 02:38 - 2014-06-21 01:58 - 1725547776 _____ () C:\Users\Ryan CZ\Desktop\capture-1.camrec
2014-06-21 02:24 - 2014-06-21 02:24 - 00000000 ____D () C:\Users\Ryan CZ\Documents\Camtasia Studio
2014-06-21 01:57 - 2012-07-29 02:02 - 00005632 _____ () C:\Users\Ryan CZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-21 00:29 - 2014-06-20 23:39 - 00000000 ____D () C:\ProgramData\Save! on
2014-06-21 00:29 - 2012-05-25 00:49 - 00302866 _____ () C:\Windows\PFRO.log
2014-06-21 00:28 - 2014-06-21 00:27 - 00000000 ____D () C:\AdwCleaner
2014-06-21 00:27 - 2014-06-21 00:27 - 00000137 _____ () C:\Users\Ryan CZ\Desktop\erger.txt
2014-06-21 00:26 - 2014-06-21 00:26 - 01333465 _____ () C:\Users\Ryan CZ\Desktop\adwcleaner_3.212.exe
2014-06-21 00:14 - 2011-09-04 03:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-20 23:43 - 2012-04-12 03:40 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-06-20 23:41 - 2014-06-20 23:39 - 00000000 ____D () C:\ProgramData\1436c0765de790cd
2014-06-20 23:39 - 2014-06-20 23:39 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\postgres\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\postgres\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Program Files (x86)\Save! on
2014-06-20 23:39 - 2012-03-25 22:45 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Local\Google
2014-06-20 23:39 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-20 23:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-20 23:38 - 2014-06-20 23:38 - 00000000 ____D () C:\ProgramData\InstallMate
2014-06-20 22:52 - 2014-06-20 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-06-20 22:50 - 2011-09-04 02:46 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-06-20 22:18 - 2013-04-14 20:14 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\DVDVideoSoft
2014-06-20 22:13 - 2014-06-20 22:13 - 00002536 _____ () C:\Users\Ryan CZ\Desktop\Google Chrome.lnk
2014-06-20 22:07 - 2013-04-14 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-20 22:07 - 2013-04-14 20:14 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-06-20 21:57 - 2014-06-20 09:42 - 00002068 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-06-20 21:57 - 2014-06-20 09:42 - 00002068 _____ () C:\ProgramData\Desktop\avast! SafeZone.lnk
2014-06-20 21:57 - 2014-06-20 09:42 - 00002008 _____ () C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
2014-06-20 21:57 - 2014-06-20 09:42 - 00002008 _____ () C:\ProgramData\Desktop\avast! Pro Antivirus.lnk
2014-06-20 21:57 - 2013-01-13 21:00 - 00000882 _____ () C:\Users\Public\Desktop\Total Commander.lnk
2014-06-20 21:57 - 2013-01-13 21:00 - 00000882 _____ () C:\ProgramData\Desktop\Total Commander.lnk
2014-06-20 17:13 - 2014-06-20 17:09 - 00000000 ____D () C:\Program Files (x86)\Scorpions WinCheater
2014-06-20 17:09 - 2014-06-20 17:09 - 00001103 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scorpion's WinCheater 2.lnk
2014-06-20 17:09 - 2014-06-20 17:09 - 00001091 _____ () C:\Users\postgres\Desktop\Scorpion's WinCheater 2.lnk
2014-06-20 17:09 - 2014-06-20 17:09 - 00001091 _____ () C:\Users\Ryan CZ\Desktop\Scorpion's WinCheater 2.lnk
2014-06-20 17:09 - 2014-06-20 17:08 - 01845717 _____ () C:\Users\Ryan CZ\Downloads\Vtipy.exe
2014-06-20 17:08 - 2014-06-20 17:08 - 00384140 _____ () C:\Users\Ryan CZ\Downloads\Easter_Eggy.exe
2014-06-20 12:11 - 2014-06-20 12:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-20 09:58 - 2014-06-20 09:58 - 00266288 _____ () C:\Windows\Minidump\062014-89747-01.dmp
2014-06-20 09:58 - 2012-04-04 17:02 - 00000000 ____D () C:\Windows\Minidump
2014-06-20 09:57 - 2014-06-20 09:30 - 833508569 _____ () C:\Windows\MEMORY.DMP
2014-06-20 09:51 - 2012-09-21 01:46 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-20 09:42 - 2014-06-20 09:42 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\AVAST Software
2014-06-20 09:42 - 2014-06-20 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-20 09:41 - 2014-06-20 09:41 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1403250108091
2014-06-20 09:41 - 2014-06-20 09:41 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1403250108091
2014-06-20 09:41 - 2014-06-20 09:41 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-20 09:41 - 2014-06-20 09:41 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-20 09:41 - 2012-04-12 23:08 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-20 09:30 - 2014-06-20 09:30 - 00262144 _____ () C:\Windows\Minidump\062014-45162-01.dmp
2014-06-20 09:28 - 2012-04-12 23:08 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-20 09:27 - 2014-06-20 09:27 - 00000000 __SHD () C:\Users\Ryan CZ\AppData\Local\EmieUserList
2014-06-20 09:27 - 2014-06-20 09:27 - 00000000 __SHD () C:\Users\Ryan CZ\AppData\Local\EmieSiteList
2014-06-20 09:05 - 2009-07-14 06:45 - 00449960 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-20 09:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-20 09:01 - 2014-06-20 09:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-20 01:30 - 2013-08-19 21:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-20 01:27 - 2012-04-07 22:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-20 01:18 - 2013-01-12 23:55 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-20 01:18 - 2013-01-12 23:55 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-06-20 01:17 - 2013-01-12 23:55 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-20 01:17 - 2013-01-12 23:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-20 01:06 - 2013-03-19 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-20 01:05 - 2013-03-19 21:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-20 01:05 - 2013-03-19 21:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-19 22:54 - 2014-06-19 22:54 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Local\SmartTechnology
2014-06-19 22:52 - 2014-06-19 22:52 - 00000000 ____D () C:\ProgramData\SmartTechnology
2014-06-19 22:52 - 2014-06-19 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
2014-06-19 22:51 - 2014-06-19 22:51 - 00000000 ____D () C:\Program Files\SmartTechnology
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2014-06-19 22:35 - 2014-06-19 22:34 - 00000000 ____D () C:\Program Files (x86)\GameSpy Arcade
2014-06-19 22:35 - 2012-03-26 03:35 - 00000000 ____D () C:\Users\postgres
2014-06-19 22:34 - 2014-06-19 22:34 - 00002053 _____ () C:\Users\Public\Desktop\Tony Hawks Pro Skater 4.lnk
2014-06-19 22:34 - 2014-06-19 22:34 - 00002053 _____ () C:\ProgramData\Desktop\Tony Hawks Pro Skater 4.lnk
2014-06-19 22:34 - 2014-06-19 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspyr
2014-06-19 22:31 - 2014-06-19 22:31 - 00000000 ____D () C:\Program Files (x86)\Aspyr
2014-06-19 22:08 - 2011-09-04 02:47 - 00000000 ____D () C:\ProgramData\WildTangent
2014-06-19 22:03 - 2014-06-19 22:03 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\WildTangent
2014-06-19 22:03 - 2014-06-19 22:03 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-19 22:03 - 2011-09-04 02:47 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-06-19 22:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-19 21:53 - 2012-03-25 22:45 - 00003980 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1344483680-600186237-1861027464-1001UA
2014-06-19 21:53 - 2012-03-25 22:45 - 00003584 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1344483680-600186237-1861027464-1001Core
2014-06-19 15:56 - 2014-06-19 15:56 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-19 15:56 - 2014-06-19 15:56 - 00001066 _____ () C:\ProgramData\Desktop\VLC media player.lnk
2014-06-19 15:56 - 2014-06-19 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-19 15:56 - 2014-06-19 15:56 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-19 15:13 - 2014-06-19 15:12 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\GetRightToGo
2014-06-19 14:51 - 2012-04-05 17:01 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-19 14:51 - 2012-04-05 17:01 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-19 14:51 - 2012-04-05 17:01 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-19 13:48 - 2012-11-02 18:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-19 13:46 - 2012-03-25 22:47 - 00000000 ____D () C:\ProgramData\Skype
2014-06-19 13:36 - 2012-10-03 18:52 - 00000379 _____ () C:\Windows\wininit.ini
2014-06-19 13:34 - 2012-03-25 17:20 - 00000000 ____D () C:\Users\Ryan CZ
2014-06-19 13:33 - 2012-09-24 18:26 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\Samsung
2014-06-19 13:31 - 2012-09-24 18:24 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-19 13:28 - 2012-03-26 01:32 - 00000000 ____D () C:\ProgramData\Boss Media
2014-06-19 13:11 - 2012-03-25 17:25 - 00116088 _____ () C:\Users\Ryan CZ\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-08 11:13 - 2014-06-19 13:30 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-19 13:30 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\Ryan CZ\AppData\Local\Temp\comver.dll
C:\Users\Ryan CZ\AppData\Local\Temp\Extract.exe
C:\Users\Ryan CZ\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Ryan CZ\AppData\Local\Temp\jre-7u10-windows-i586-iftw.exe
C:\Users\Ryan CZ\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Ryan CZ\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Ryan CZ\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Ryan CZ\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Ryan CZ\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Ryan CZ\AppData\Local\Temp\Quarantine.exe
C:\Users\Ryan CZ\AppData\Local\Temp\Resource.exe
C:\Users\Ryan CZ\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Ryan CZ\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Ryan CZ\AppData\Local\Temp\SP54630.exe
C:\Users\Ryan CZ\AppData\Local\Temp\SP55101.exe
C:\Users\Ryan CZ\AppData\Local\Temp\SP55102.exe
C:\Users\Ryan CZ\AppData\Local\Temp\SP55104.exe
C:\Users\Ryan CZ\AppData\Local\Temp\SP55109.exe
C:\Users\Ryan CZ\AppData\Local\Temp\SP55152.exe
C:\Users\Ryan CZ\AppData\Local\Temp\SP56878.exe
C:\Users\Ryan CZ\AppData\Local\Temp\SP56929.exe
C:\Users\Ryan CZ\AppData\Local\Temp\SP57232.exe
C:\Users\Ryan CZ\AppData\Local\Temp\SP57965.exe
C:\Users\Ryan CZ\AppData\Local\Temp\sp58915.exe
C:\Users\Ryan CZ\AppData\Local\Temp\SP59542.exe
C:\Users\Ryan CZ\AppData\Local\Temp\Tsu0B034AA0.dll
C:\Users\Ryan CZ\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Ryan CZ\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-12-08 04:53

==================== End Of Log ============================

Zdravim

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by Ryan CZ on źt 03.07.2014 at 21:00:51,37.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ryan CZ\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

3.7.2014 21:02:19 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1344483680-600186237-1861027464-1001\Software\Microsoft\Internet Explorer\SearchScopes\{626E621E-2F4B-42BE-8818-CE2EFD1CF066} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1344483680-600186237-1861027464-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\RYANCZ\AppData\Roaming\Mozilla\Firefox\Profiles\2ikpfvv2.default\prefs.js:
user_pref("browser.startup.homepage", "www.google.com");
user_pref("browser.search.defaulturl", "https://www.google.com/search");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "https://www.google.com/search");

Added to C:\Users\RYANCZ\AppData\Roaming\Mozilla\Firefox\Profiles\2ikpfvv2.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\RYANCZ\AppData\Roaming\Mozilla\Firefox\Profiles\2ikpfvv2.default

user.js not found
---- Lines extensions.D3ywfggyws8O removed from prefs.js ----
user_pref("extensions.D3ywfggyws8O.epoch", "1403387105");
user_pref("extensions.D3ywfggyws8O.url", "http://getfetch.info/sync2/?q=hfZ9ofq7B ... rjnEqTsErT
---- FireFox user.js and prefs.js backups ----

prefs_03.07.2014_2111_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\MyFree Codec deleted
C:\Users\Ryan CZ\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\InstallMate deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\Users\Ryan CZ\Searches deleted
C:\Windows\wininit.ini deleted
C:\Users\RYANCZ\AppData\Roaming\Mozilla\Firefox\Profiles\2ikpfvv2.default\extensions\mf8qwct@ooyaih.org deleted
"C:\PROGRA~3\1436c0765de790cd\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140620233913" deleted
"C:\PROGRA~3\1436c0765de790cd\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140620233938" deleted
"C:\PROGRA~3\1436c0765de790cd\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140620234154" deleted
"C:\PROGRA~3\1436c0765de790cd" deleted
"C:\Users\Ryan CZ\AppData\Roaming\Samsung" deleted
"C:\Users\Ryan CZ\AppData\Roaming\_MDLogs" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [20.06.2014 09:41]

==== Firefox Extensions ======================

ProfilePath: C:\Users\RYANCZ\AppData\Roaming\Mozilla\Firefox\Profiles\2ikpfvv2.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

AppDir: C:\Program Files (x86)\Mozilla Firefox
- TrueSuite Website Logon - %AppDir%\extensions\websitelogon@truesuite.com
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Ryan CZ\AppData\Roaming\Mozilla\Firefox\Profiles\2ikpfvv2.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
855B79451ECF62602F20EB4D5C71F99B - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aepeildmfnnehghlknddebgjghlompfe - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[11.02.2011 04:37]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[20.06.2014 09:41]

saAve ON - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - Ryan CZ\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
avast Online Security - Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
saAve ON - Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - Ryan CZ\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - postgres\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - postgres\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm
saAve ON - postgres\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm

==== Chrome Fix ======================

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\Ryan CZ\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\Ryan CZ\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\postgres\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\postgres\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully
C:\Users\postgres\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omgkbgkancdpnehfhdgmfnpekoopjldm deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com/search?q={searchT ... d=ie7&rlz="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ryan CZ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ryan CZ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Ryan CZ\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ryan CZ\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Ryan CZ\AppData\Local\Mozilla\Firefox\Profiles\2ikpfvv2.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=289 folders=72 32835159 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ryan CZ\AppData\Local\Temp will be emptied at reboot
C:\Users\postgres\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\RYANCZ\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źt 03.07.2014 at 21:18:10,72 ======================

Poprosim o novy log z FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Ryan CZ (administrator) on RYANCZ-HP on 04-07-2014 13:22:55
Running from C:\Users\Ryan CZ\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Flux Software LLC) C:\Users\Ryan CZ\AppData\Local\FluxSoftware\Flux\flux.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-28] (IDT, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-05-25] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-06-14] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-01] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-24] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [Google Update] => "C:\Users\Ryan CZ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [F.lux] => C:\Users\Ryan CZ\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\MountPoints2: {0eace862-76bb-11e1-8190-402cf42498c1} - F:\Axesstel_Setup.exe
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\MountPoints2: {cd34f000-4f73-11e2-a92e-402cf42498c1} - F:\PlayDiskStart.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Ryan CZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchT ... d=ie7&rlz=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{640D0E14-2141-473A-ABE0-39438C925A54}: [NameServer]160.218.161.60 160.218.167.5

FireFox:
========
FF ProfilePath: C:\Users\Ryan CZ\AppData\Roaming\Mozilla\Firefox\Profiles\2ikpfvv2.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ryan CZ\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ryan CZ\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2012-11-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-20]

Chrome:
=======
CHR Extension: (Website Logon) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe [2014-07-03]
CHR Extension: (Dokumenty Google) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-03]
CHR Extension: (Disk Google) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-03]
CHR Extension: (YouTube) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-25]
CHR Extension: (avast! Online Security) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-20]
CHR Extension: (Peněženka Google) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-15]
CHR Extension: (Gmail) - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-25]
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-20]
CHR StartMenuInternet: Google Chrome - C:\Users\Ryan CZ\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-20] (AVAST Software)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2013-05-28] (Realsil Microelectronics Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-20] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-20] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-20] ()
S3 Axtmvflt; C:\Windows\System32\DRIVERS\Axtmvflt.sys [6144 2007-03-26] (Axesstel)
S3 Axtmvmdm; C:\Windows\System32\DRIVERS\Axtmvmdm.sys [54272 2007-03-26] (Axesstel)
S3 Axtmvprt; C:\Windows\System32\Drivers\Axtmvprt.sys [52224 2007-03-26] (Axesstel)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-26] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S3 rwoebgac; rwoebgac.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-03 21:19 - 2014-07-03 21:19 - 00013795 _____ () C:\Users\Ryan CZ\Desktop\zoek-results.txt
2014-07-03 21:15 - 2014-07-03 21:00 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-03 21:01 - 2014-07-03 21:18 - 00013795 _____ () C:\zoek-results.log
2014-07-03 21:00 - 2014-07-03 21:13 - 00000000 ____D () C:\zoek_backup
2014-07-03 20:58 - 2014-07-03 20:59 - 01285120 _____ () C:\Users\Ryan CZ\Desktop\zoek.exe
2014-07-03 18:39 - 2014-07-03 18:39 - 00022235 _____ () C:\Users\Ryan CZ\Desktop\loggs.rar
2014-07-03 18:25 - 2014-07-03 18:26 - 00036637 _____ () C:\Users\Ryan CZ\Desktop\Addition.txt
2014-07-03 18:21 - 2014-07-04 13:23 - 00022073 _____ () C:\Users\Ryan CZ\Desktop\FRST.txt
2014-07-03 18:20 - 2014-07-04 13:22 - 00000000 ____D () C:\FRST
2014-07-03 18:19 - 2014-07-03 18:19 - 02083840 _____ (Farbar) C:\Users\Ryan CZ\Desktop\FRST64.exe
2014-07-01 21:21 - 2014-07-02 13:55 - 00000364 _____ () C:\Windows\Tasks\HPCeeScheduleForRyan CZ.job
2014-07-01 21:21 - 2014-07-01 21:21 - 00003234 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRyan CZ
2014-06-21 02:41 - 2014-06-21 03:25 - 00000000 ____D () C:\Users\Ryan CZ\Desktop\Untitled
2014-06-21 02:24 - 2014-06-21 02:24 - 00000000 ____D () C:\Users\Ryan CZ\Documents\Camtasia Studio
2014-06-21 01:58 - 2014-06-21 02:38 - 1725547776 _____ () C:\Users\Ryan CZ\Desktop\capture-1.camrec
2014-06-21 00:27 - 2014-06-21 00:28 - 00000000 ____D () C:\AdwCleaner
2014-06-21 00:27 - 2014-06-21 00:27 - 00000137 _____ () C:\Users\Ryan CZ\Desktop\erger.txt
2014-06-21 00:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-21 00:26 - 2014-06-21 00:26 - 01333465 _____ () C:\Users\Ryan CZ\Desktop\adwcleaner_3.212.exe
2014-06-20 23:39 - 2014-07-01 21:00 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-20 23:39 - 2014-07-01 21:00 - 00000000 ____D () C:\Users\Guest
2014-06-20 23:39 - 2014-07-01 21:00 - 00000000 ____D () C:\Users\Administrator
2014-06-20 23:39 - 2014-06-21 00:29 - 00000000 ____D () C:\ProgramData\Save! on
2014-06-20 23:39 - 2014-06-20 23:39 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\postgres\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\postgres\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Program Files (x86)\Save! on
2014-06-20 22:52 - 2014-06-20 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-06-20 22:13 - 2014-06-20 22:13 - 00002536 _____ () C:\Users\Ryan CZ\Desktop\Google Chrome.lnk
2014-06-20 17:09 - 2014-06-20 17:13 - 00000000 ____D () C:\Program Files (x86)\Scorpions WinCheater
2014-06-20 17:09 - 2014-06-20 17:09 - 00001103 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scorpion's WinCheater 2.lnk
2014-06-20 17:09 - 2014-06-20 17:09 - 00001091 _____ () C:\Users\postgres\Desktop\Scorpion's WinCheater 2.lnk
2014-06-20 17:09 - 2014-06-20 17:09 - 00001091 _____ () C:\Users\Ryan CZ\Desktop\Scorpion's WinCheater 2.lnk
2014-06-20 17:08 - 2014-06-20 17:09 - 01845717 _____ () C:\Users\Ryan CZ\Downloads\Vtipy.exe
2014-06-20 17:08 - 2014-06-20 17:08 - 00384140 _____ () C:\Users\Ryan CZ\Downloads\Easter_Eggy.exe
2014-06-20 12:11 - 2014-06-20 12:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-20 09:58 - 2014-06-20 09:58 - 00266288 _____ () C:\Windows\Minidump\062014-89747-01.dmp
2014-06-20 09:42 - 2014-06-20 21:57 - 00002068 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-06-20 09:42 - 2014-06-20 21:57 - 00002068 _____ () C:\ProgramData\Desktop\avast! SafeZone.lnk
2014-06-20 09:42 - 2014-06-20 21:57 - 00002008 _____ () C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
2014-06-20 09:42 - 2014-06-20 21:57 - 00002008 _____ () C:\ProgramData\Desktop\avast! Pro Antivirus.lnk
2014-06-20 09:42 - 2014-06-20 09:42 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\AVAST Software
2014-06-20 09:42 - 2014-06-20 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-20 09:41 - 2014-07-04 12:47 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-20 09:41 - 2014-06-20 09:41 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1403250108091
2014-06-20 09:41 - 2014-06-20 09:41 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1403250108091
2014-06-20 09:41 - 2014-06-20 09:41 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-20 09:41 - 2014-06-20 09:41 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-20 09:30 - 2014-06-20 09:57 - 833508569 _____ () C:\Windows\MEMORY.DMP
2014-06-20 09:30 - 2014-06-20 09:30 - 00262144 _____ () C:\Windows\Minidump\062014-45162-01.dmp
2014-06-20 09:27 - 2014-06-20 09:27 - 00000000 __SHD () C:\Users\Ryan CZ\AppData\Local\EmieUserList
2014-06-20 09:27 - 2014-06-20 09:27 - 00000000 __SHD () C:\Users\Ryan CZ\AppData\Local\EmieSiteList
2014-06-20 09:01 - 2014-06-20 09:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-20 01:25 - 2014-06-21 03:09 - 01560276 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-19 22:54 - 2014-06-19 22:54 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Local\SmartTechnology
2014-06-19 22:52 - 2014-06-19 22:52 - 00000000 ____D () C:\ProgramData\SmartTechnology
2014-06-19 22:52 - 2014-06-19 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
2014-06-19 22:51 - 2014-06-19 22:51 - 00000000 ____D () C:\Program Files\SmartTechnology
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2014-06-19 22:34 - 2014-06-19 22:35 - 00000000 ____D () C:\Program Files (x86)\GameSpy Arcade
2014-06-19 22:34 - 2014-06-19 22:34 - 00002053 _____ () C:\Users\Public\Desktop\Tony Hawks Pro Skater 4.lnk
2014-06-19 22:34 - 2014-06-19 22:34 - 00002053 _____ () C:\ProgramData\Desktop\Tony Hawks Pro Skater 4.lnk
2014-06-19 22:34 - 2014-06-19 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspyr
2014-06-19 22:31 - 2014-06-19 22:31 - 00000000 ____D () C:\Program Files (x86)\Aspyr
2014-06-19 22:28 - 2009-09-01 11:06 - 717127680 _____ () C:\Users\Ryan CZ\Desktop\Tony Hawks Pro Skater 4 CD2.iso
2014-06-19 22:03 - 2014-06-19 22:03 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\WildTangent
2014-06-19 22:03 - 2014-06-19 22:03 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-19 15:56 - 2014-07-03 14:58 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\vlc
2014-06-19 15:56 - 2014-06-19 15:56 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-19 15:56 - 2014-06-19 15:56 - 00001066 _____ () C:\ProgramData\Desktop\VLC media player.lnk
2014-06-19 15:56 - 2014-06-19 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-19 15:56 - 2014-06-19 15:56 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-19 14:15 - 2014-05-09 16:13 - 00139868 _____ () C:\Users\Ryan CZ\Desktop\keepas.kdb
2014-06-19 13:32 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-19 13:32 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-19 13:32 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-19 13:32 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-19 13:32 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-19 13:32 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-19 13:32 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-19 13:32 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-19 13:32 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-19 13:32 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-19 13:32 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-19 13:32 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-19 13:32 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-19 13:32 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-19 13:31 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 13:31 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 13:31 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 13:31 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 13:31 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 13:31 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 13:31 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 13:31 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 13:31 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 13:31 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 13:31 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 13:31 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 13:31 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 13:31 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 13:31 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 13:31 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 13:31 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 13:31 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 13:31 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 13:31 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 13:31 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 13:31 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 13:31 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 13:31 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 13:31 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 13:31 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 13:31 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 13:31 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 13:31 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 13:31 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 13:31 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 13:31 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 13:31 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 13:31 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 13:31 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 13:31 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 13:31 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 13:31 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 13:31 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 13:31 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 13:31 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 13:31 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 13:31 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 13:31 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 13:31 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 13:31 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 13:31 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 13:31 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 13:31 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 13:31 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 13:31 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 13:31 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-19 13:30 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-19 13:30 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-19 13:29 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-19 13:29 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-19 13:29 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-06-19 13:29 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-06-19 13:29 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-19 13:29 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-19 13:29 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-06-19 13:28 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-19 13:28 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-19 13:28 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-19 13:28 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-19 13:28 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-06-19 13:28 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-06-19 13:28 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-19 13:28 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-19 13:28 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-19 13:28 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-06-19 13:28 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-19 13:28 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-19 13:28 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-19 13:28 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-19 13:28 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-19 13:28 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-06-19 13:28 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-19 13:28 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-06-19 13:28 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-19 13:28 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-19 13:27 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-19 13:27 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-19 13:27 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-19 13:27 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-19 13:27 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-19 13:27 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-19 13:27 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-19 13:27 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-19 13:27 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-19 13:27 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-19 13:27 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-19 13:27 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-19 13:27 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-19 13:27 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-19 13:27 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-19 13:27 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-19 13:27 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-19 13:27 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-19 13:27 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-19 13:17 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-19 13:17 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-19 13:17 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-19 13:17 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-06-19 13:17 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-06-19 13:17 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-19 13:17 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-19 13:17 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-19 13:17 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-19 13:16 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-19 13:16 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-06-19 13:16 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-06-19 13:16 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-06-19 13:16 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-06-19 13:16 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-06-19 13:16 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-19 13:16 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-06-19 13:16 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-06-19 13:16 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-06-19 13:16 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-06-19 13:16 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-19 13:16 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-06-19 13:16 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-19 13:16 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

==================== One Month Modified Files and Folders =======

2014-07-04 13:23 - 2014-07-03 18:21 - 00022073 _____ () C:\Users\Ryan CZ\Desktop\FRST.txt
2014-07-04 13:22 - 2014-07-03 18:20 - 00000000 ____D () C:\FRST
2014-07-04 12:59 - 2012-03-25 17:32 - 00004030 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9A3D76F4-52AF-45F4-9B74-F91E08D2F952}
2014-07-04 12:58 - 2012-03-25 22:45 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1344483680-600186237-1861027464-1001UA.job
2014-07-04 12:58 - 2011-12-11 10:03 - 01916699 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 12:51 - 2012-04-05 17:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-04 12:47 - 2014-06-20 09:41 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-04 12:47 - 2012-03-25 22:45 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1344483680-600186237-1861027464-1001Core.job
2014-07-03 21:24 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-03 21:24 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 21:21 - 2011-09-04 12:18 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2014-07-03 21:21 - 2011-09-04 12:18 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2014-07-03 21:21 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-03 21:19 - 2014-07-03 21:19 - 00013795 _____ () C:\Users\Ryan CZ\Desktop\zoek-results.txt
2014-07-03 21:18 - 2014-07-03 21:01 - 00013795 _____ () C:\zoek-results.log
2014-07-03 21:16 - 2012-05-25 00:49 - 00303200 _____ () C:\Windows\PFRO.log
2014-07-03 21:16 - 2012-05-25 00:49 - 00086199 _____ () C:\Windows\setupact.log
2014-07-03 21:16 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-03 21:13 - 2014-07-03 21:00 - 00000000 ____D () C:\zoek_backup
2014-07-03 21:11 - 2012-03-25 17:20 - 00000000 ____D () C:\Users\Ryan CZ
2014-07-03 21:00 - 2014-07-03 21:15 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-03 20:59 - 2014-07-03 20:58 - 01285120 _____ () C:\Users\Ryan CZ\Desktop\zoek.exe
2014-07-03 18:39 - 2014-07-03 18:39 - 00022235 _____ () C:\Users\Ryan CZ\Desktop\loggs.rar
2014-07-03 18:26 - 2014-07-03 18:25 - 00036637 _____ () C:\Users\Ryan CZ\Desktop\Addition.txt
2014-07-03 18:19 - 2014-07-03 18:19 - 02083840 _____ (Farbar) C:\Users\Ryan CZ\Desktop\FRST64.exe
2014-07-03 14:58 - 2014-06-19 15:56 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\vlc
2014-07-02 13:55 - 2014-07-01 21:21 - 00000364 _____ () C:\Windows\Tasks\HPCeeScheduleForRyan CZ.job
2014-07-01 21:21 - 2014-07-01 21:21 - 00003234 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRyan CZ
2014-07-01 21:21 - 2012-03-27 19:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-01 21:19 - 2012-05-01 14:40 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-01 21:00 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-01 21:00 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Guest
2014-07-01 21:00 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Administrator
2014-06-21 03:25 - 2014-06-21 02:41 - 00000000 ____D () C:\Users\Ryan CZ\Desktop\Untitled
2014-06-21 03:09 - 2014-06-20 01:25 - 01560276 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-21 02:38 - 2014-06-21 01:58 - 1725547776 _____ () C:\Users\Ryan CZ\Desktop\capture-1.camrec
2014-06-21 02:24 - 2014-06-21 02:24 - 00000000 ____D () C:\Users\Ryan CZ\Documents\Camtasia Studio
2014-06-21 01:57 - 2012-07-29 02:02 - 00005632 _____ () C:\Users\Ryan CZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-21 00:29 - 2014-06-20 23:39 - 00000000 ____D () C:\ProgramData\Save! on
2014-06-21 00:28 - 2014-06-21 00:27 - 00000000 ____D () C:\AdwCleaner
2014-06-21 00:27 - 2014-06-21 00:27 - 00000137 _____ () C:\Users\Ryan CZ\Desktop\erger.txt
2014-06-21 00:26 - 2014-06-21 00:26 - 01333465 _____ () C:\Users\Ryan CZ\Desktop\adwcleaner_3.212.exe
2014-06-21 00:14 - 2011-09-04 03:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-20 23:43 - 2012-04-12 03:40 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-06-20 23:39 - 2014-06-20 23:39 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\postgres\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\postgres\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-20 23:39 - 2014-06-20 23:39 - 00000000 ____D () C:\Program Files (x86)\Save! on
2014-06-20 23:39 - 2012-03-25 22:45 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Local\Google
2014-06-20 23:39 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-20 23:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-20 22:52 - 2014-06-20 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-06-20 22:50 - 2011-09-04 02:46 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-06-20 22:18 - 2013-04-14 20:14 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\DVDVideoSoft
2014-06-20 22:13 - 2014-06-20 22:13 - 00002536 _____ () C:\Users\Ryan CZ\Desktop\Google Chrome.lnk
2014-06-20 22:07 - 2013-04-14 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-20 22:07 - 2013-04-14 20:14 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-06-20 21:57 - 2014-06-20 09:42 - 00002068 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-06-20 21:57 - 2014-06-20 09:42 - 00002068 _____ () C:\ProgramData\Desktop\avast! SafeZone.lnk
2014-06-20 21:57 - 2014-06-20 09:42 - 00002008 _____ () C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
2014-06-20 21:57 - 2014-06-20 09:42 - 00002008 _____ () C:\ProgramData\Desktop\avast! Pro Antivirus.lnk
2014-06-20 21:57 - 2013-01-13 21:00 - 00000882 _____ () C:\Users\Public\Desktop\Total Commander.lnk
2014-06-20 21:57 - 2013-01-13 21:00 - 00000882 _____ () C:\ProgramData\Desktop\Total Commander.lnk
2014-06-20 17:13 - 2014-06-20 17:09 - 00000000 ____D () C:\Program Files (x86)\Scorpions WinCheater
2014-06-20 17:09 - 2014-06-20 17:09 - 00001103 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scorpion's WinCheater 2.lnk
2014-06-20 17:09 - 2014-06-20 17:09 - 00001091 _____ () C:\Users\postgres\Desktop\Scorpion's WinCheater 2.lnk
2014-06-20 17:09 - 2014-06-20 17:09 - 00001091 _____ () C:\Users\Ryan CZ\Desktop\Scorpion's WinCheater 2.lnk
2014-06-20 17:09 - 2014-06-20 17:08 - 01845717 _____ () C:\Users\Ryan CZ\Downloads\Vtipy.exe
2014-06-20 17:08 - 2014-06-20 17:08 - 00384140 _____ () C:\Users\Ryan CZ\Downloads\Easter_Eggy.exe
2014-06-20 12:11 - 2014-06-20 12:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-20 09:58 - 2014-06-20 09:58 - 00266288 _____ () C:\Windows\Minidump\062014-89747-01.dmp
2014-06-20 09:58 - 2012-04-04 17:02 - 00000000 ____D () C:\Windows\Minidump
2014-06-20 09:57 - 2014-06-20 09:30 - 833508569 _____ () C:\Windows\MEMORY.DMP
2014-06-20 09:51 - 2012-09-21 01:46 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-20 09:42 - 2014-06-20 09:42 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\AVAST Software
2014-06-20 09:42 - 2014-06-20 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-20 09:41 - 2014-06-20 09:41 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1403250108091
2014-06-20 09:41 - 2014-06-20 09:41 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1403250108091
2014-06-20 09:41 - 2014-06-20 09:41 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-20 09:41 - 2014-06-20 09:41 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-20 09:41 - 2014-06-20 09:41 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-20 09:41 - 2012-04-12 23:08 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-20 09:30 - 2014-06-20 09:30 - 00262144 _____ () C:\Windows\Minidump\062014-45162-01.dmp
2014-06-20 09:28 - 2012-04-12 23:08 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-20 09:27 - 2014-06-20 09:27 - 00000000 __SHD () C:\Users\Ryan CZ\AppData\Local\EmieUserList
2014-06-20 09:27 - 2014-06-20 09:27 - 00000000 __SHD () C:\Users\Ryan CZ\AppData\Local\EmieSiteList
2014-06-20 09:05 - 2009-07-14 06:45 - 00449960 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-20 09:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-20 09:01 - 2014-06-20 09:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-20 01:30 - 2013-08-19 21:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-20 01:27 - 2012-04-07 22:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-20 01:18 - 2013-01-12 23:55 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-20 01:18 - 2013-01-12 23:55 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-06-20 01:17 - 2013-01-12 23:55 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-20 01:17 - 2013-01-12 23:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-20 01:06 - 2013-03-19 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-20 01:05 - 2013-03-19 21:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-20 01:05 - 2013-03-19 21:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-19 22:54 - 2014-06-19 22:54 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Local\SmartTechnology
2014-06-19 22:52 - 2014-06-19 22:52 - 00000000 ____D () C:\ProgramData\SmartTechnology
2014-06-19 22:52 - 2014-06-19 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
2014-06-19 22:51 - 2014-06-19 22:51 - 00000000 ____D () C:\Program Files\SmartTechnology
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-19 22:35 - 2014-06-19 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2014-06-19 22:35 - 2014-06-19 22:34 - 00000000 ____D () C:\Program Files (x86)\GameSpy Arcade
2014-06-19 22:35 - 2012-03-26 03:35 - 00000000 ____D () C:\Users\postgres
2014-06-19 22:34 - 2014-06-19 22:34 - 00002053 _____ () C:\Users\Public\Desktop\Tony Hawks Pro Skater 4.lnk
2014-06-19 22:34 - 2014-06-19 22:34 - 00002053 _____ () C:\ProgramData\Desktop\Tony Hawks Pro Skater 4.lnk
2014-06-19 22:34 - 2014-06-19 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspyr
2014-06-19 22:31 - 2014-06-19 22:31 - 00000000 ____D () C:\Program Files (x86)\Aspyr
2014-06-19 22:08 - 2011-09-04 02:47 - 00000000 ____D () C:\ProgramData\WildTangent
2014-06-19 22:03 - 2014-06-19 22:03 - 00000000 ____D () C:\Users\Ryan CZ\AppData\Roaming\WildTangent
2014-06-19 22:03 - 2014-06-19 22:03 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-19 22:03 - 2011-09-04 02:47 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-06-19 22:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-19 21:53 - 2012-03-25 22:45 - 00003980 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1344483680-600186237-1861027464-1001UA
2014-06-19 21:53 - 2012-03-25 22:45 - 00003584 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1344483680-600186237-1861027464-1001Core
2014-06-19 15:56 - 2014-06-19 15:56 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-19 15:56 - 2014-06-19 15:56 - 00001066 _____ () C:\ProgramData\Desktop\VLC media player.lnk
2014-06-19 15:56 - 2014-06-19 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-19 15:56 - 2014-06-19 15:56 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-19 14:51 - 2012-04-05 17:01 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-19 14:51 - 2012-04-05 17:01 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-19 14:51 - 2012-04-05 17:01 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-19 13:48 - 2012-11-02 18:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-19 13:46 - 2012-03-25 22:47 - 00000000 ____D () C:\ProgramData\Skype
2014-06-19 13:31 - 2012-09-24 18:24 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-19 13:28 - 2012-03-26 01:32 - 00000000 ____D () C:\ProgramData\Boss Media
2014-06-19 13:11 - 2012-03-25 17:25 - 00116088 _____ () C:\Users\Ryan CZ\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-08 11:13 - 2014-06-19 13:30 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-19 13:30 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-12-08 04:53

==================== End Of Log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
  HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
  HKLM-x32\...\Run: [] => [X]
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
  HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
  HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [Google Update] => "C:\Users\Ryan CZ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
  HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [F.lux] => C:\Users\Ryan CZ\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
  HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
  HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\MountPoints2: {0eace862-76bb-11e1-8190-402cf42498c1} - F:\Axesstel_Setup.exe
  HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\MountPoints2: {cd34f000-4f73-11e2-a92e-402cf42498c1} - F:\PlayDiskStart.exe
  GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  
  CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  
  S3 rwoebgac; rwoebgac.sys [X]
  
  2014-07-03 21:19 - 2014-07-03 21:19 - 00013795 _____ () C:\Users\Ryan CZ\Desktop\zoek-results.txt
  2014-07-03 21:15 - 2014-07-03 21:00 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-07-03 21:01 - 2014-07-03 21:18 - 00013795 _____ () C:\zoek-results.log
  2014-07-03 21:00 - 2014-07-03 21:13 - 00000000 ____D () C:\zoek_backup
  2014-07-03 20:58 - 2014-07-03 20:59 - 01285120 _____ () C:\Users\Ryan CZ\Desktop\zoek.exe
  2014-07-03 18:39 - 2014-07-03 18:39 - 00022235 _____ () C:\Users\Ryan CZ\Desktop\loggs.rar
  2014-07-03 18:25 - 2014-07-03 18:26 - 00036637 _____ () C:\Users\Ryan CZ\Desktop\Addition.txt
  2014-07-03 18:21 - 2014-07-04 13:23 - 00022073 _____ () C:\Users\Ryan CZ\Desktop\FRST.txt
  2014-06-21 00:27 - 2014-06-21 00:28 - 00000000 ____D () C:\AdwCleaner
  2014-06-21 00:27 - 2014-06-21 00:27 - 00000137 _____ () C:\Users\Ryan CZ\Desktop\erger.txt
  2014-06-21 00:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
  2014-06-21 00:26 - 2014-06-21 00:26 - 01333465 _____ () C:\Users\Ryan CZ\Desktop\adwcleaner_3.212.exe
  
  Hosts:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by Ryan CZ at 2014-07-04 14:48:19 Run:1
Running from C:\Users\Ryan CZ\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013

-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe

Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26]

(Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-

02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [Google Update] => "C:\Users\Ryan CZ\AppData\Local\Google\Update

\GoogleUpdate.exe" /c
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [F.lux] => C:\Users\Ryan CZ\AppData\Local\FluxSoftware\Flux

\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite

\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\MountPoints2: {0eace862-76bb-11e1-8190-402cf42498c1} - F:

\Axesstel_Setup.exe
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\...\MountPoints2: {cd34f000-4f73-11e2-a92e-402cf42498c1} - F:

\PlayDiskStart.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

S3 rwoebgac; rwoebgac.sys [X]

2014-07-03 21:19 - 2014-07-03 21:19 - 00013795 _____ () C:\Users\Ryan CZ\Desktop\zoek-results.txt
2014-07-03 21:15 - 2014-07-03 21:00 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-03 21:01 - 2014-07-03 21:18 - 00013795 _____ () C:\zoek-results.log
2014-07-03 21:00 - 2014-07-03 21:13 - 00000000 ____D () C:\zoek_backup
2014-07-03 20:58 - 2014-07-03 20:59 - 01285120 _____ () C:\Users\Ryan CZ\Desktop\zoek.exe
2014-07-03 18:39 - 2014-07-03 18:39 - 00022235 _____ () C:\Users\Ryan CZ\Desktop\loggs.rar
2014-07-03 18:25 - 2014-07-03 18:26 - 00036637 _____ () C:\Users\Ryan CZ\Desktop\Addition.txt
2014-07-03 18:21 - 2014-07-04 13:23 - 00022073 _____ () C:\Users\Ryan CZ\Desktop\FRST.txt
2014-06-21 00:27 - 2014-06-21 00:28 - 00000000 ____D () C:\AdwCleaner
2014-06-21 00:27 - 2014-06-21 00:27 - 00000137 _____ () C:\Users\Ryan CZ\Desktop\erger.txt
2014-06-21 00:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-21 00:26 - 2014-06-21 00:26 - 01333465 _____ () C:\Users\Ryan CZ\Desktop\adwcleaner_3.212.exe

Hosts:
Reboot:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value deleted successfully.
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\Software\Microsoft\Windows\CurrentVersion\Run\\F.lux => value deleted successfully.
HKU\S-1-5-21-1344483680-600186237-1861027464-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
'HKU\S-1-5-21-1344483680-600186237-1861027464-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0eace862-76bb-11e1-8190-402cf42498c1}' => Key deleted successfully.
'HKCR\CLSID\{0eace862-76bb-11e1-8190-402cf42498c1}'=> Key not found.
'HKU\S-1-5-21-1344483680-600186237-1861027464-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cd34f000-4f73-11e2-a92e-402cf42498c1}' => Key deleted successfully.
'HKCR\CLSID\{cd34f000-4f73-11e2-a92e-402cf42498c1}'=> Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
rwoebgac => Service deleted successfully.
C:\Users\Ryan CZ\Desktop\zoek-results.txt => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Ryan CZ\Desktop\zoek.exe => Moved successfully.
C:\Users\Ryan CZ\Desktop\loggs.rar => Moved successfully.
C:\Users\Ryan CZ\Desktop\Addition.txt => Moved successfully.
C:\Users\Ryan CZ\Desktop\FRST.txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Ryan CZ\Desktop\erger.txt => Moved successfully.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\Users\Ryan CZ\Desktop\adwcleaner_3.212.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====

Jak se chova ntb??

Vše už vypadá v pořádku je to vše? Pokud ano, tak opět velmi děkuji za pomoc.

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse